CVE-2025-22243 - VMware NSX Manager UI Stored XSS Vulnerability
CVE ID : CVE-2025-22243
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Wed, 04 Jun 2025 20:15:00 GMT
read more
CVE-2025-22244 - VMware NSX Stored XSS Vulnerability
CVE ID : CVE-2025-22244
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Wed, 04 Jun 2025 20:15:00 GMT
read more
CVE-2025-22245 - VMware NSX Stored XSS Vulnerability
CVE ID : CVE-2025-22245
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Wed, 04 Jun 2025 20:15:00 GMT
read more
CVE-2025-31134 - FreshRSS Path Disclosure Vulnerability
CVE ID : CVE-2025-31134
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server and potentially use that information to further attack the server. Version 1.26.2 contains a patch for the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Wed, 04 Jun 2025 20:15:00 GMT
read more
CVE-2025-31136 - FreshRSS Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-31136
Published : June 4, 2025, 8:15 p.m. | 37 minutes ago
Description : FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds page.
This occurs by combining a cross-site scripting (XSS) issue that occurs in `f.php` when SVG favicons are downloaded from an attacker-controlled feed containing `